<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML
><HEAD
><TITLE
>Release 7.4.27</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
REV="MADE"
HREF="mailto:pgsql-docs@postgresql.org"><LINK
REL="HOME"
TITLE="PostgreSQL 9.1.2 Documentation"
HREF="index.html"><LINK
REL="UP"
TITLE="Release Notes"
HREF="release.html"><LINK
REL="PREVIOUS"
TITLE="Release 7.4.28"
HREF="release-7-4-28.html"><LINK
REL="NEXT"
TITLE="Release 7.4.26"
HREF="release-7-4-26.html"><LINK
REL="STYLESHEET"
TYPE="text/css"
HREF="stylesheet.css"><META
HTTP-EQUIV="Content-Type"
CONTENT="text/html; charset=ISO-8859-1"><META
NAME="creation"
CONTENT="2011-12-01T22:07:59"></HEAD
><BODY
CLASS="SECT1"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="5"
ALIGN="center"
VALIGN="bottom"
><A
HREF="index.html"
>PostgreSQL 9.1.2 Documentation</A
></TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
TITLE="Release 7.4.28"
HREF="release-7-4-28.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="60%"
ALIGN="center"
VALIGN="bottom"
>Appendix E. Release Notes</TD
><TD
WIDTH="20%"
ALIGN="right"
VALIGN="top"
><A
TITLE="Release 7.4.26"
HREF="release-7-4-26.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="RELEASE-7-4-27"
>E.118. Release 7.4.27</A
></H1
><DIV
CLASS="NOTE"
><BLOCKQUOTE
CLASS="NOTE"
><P
><B
>Release Date: </B
>2009-12-14</P
></BLOCKQUOTE
></DIV
><P
>   This release contains a variety of fixes from 7.4.26.
   For information about new features in the 7.4 major release, see
   <A
HREF="release-7-4.html"
>Section E.145</A
>.
  </P
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN124401"
>E.118.1. Migration to Version 7.4.27</A
></H2
><P
>    A dump/restore is not required for those running 7.4.X.
    However, if you are upgrading from a version earlier than 7.4.26,
    see the release notes for 7.4.26.
   </P
></DIV
><DIV
CLASS="SECT2"
><H2
CLASS="SECT2"
><A
NAME="AEN124404"
>E.118.2. Changes</A
></H2
><P
></P
><UL
><LI
><P
>      Protect against indirect security threats caused by index functions
      changing session-local state (Gurjeet Singh, Tom)
     </P
><P
>      This change prevents allegedly-immutable index functions from possibly
      subverting a superuser's session (CVE-2009-4136).
     </P
></LI
><LI
><P
>      Reject SSL certificates containing an embedded null byte in the common
      name (CN) field (Magnus)
     </P
><P
>      This prevents unintended matching of a certificate to a server or client
      name during SSL validation (CVE-2009-4034).
     </P
></LI
><LI
><P
>      Fix possible crash during backend-startup-time cache initialization (Tom)
     </P
></LI
><LI
><P
>      Prevent signals from interrupting <TT
CLASS="LITERAL"
>VACUUM</TT
> at unsafe times
      (Alvaro)
     </P
><P
>      This fix prevents a PANIC if a <TT
CLASS="LITERAL"
>VACUUM FULL</TT
> is canceled
      after it's already committed its tuple movements, as well as transient
      errors if a plain <TT
CLASS="LITERAL"
>VACUUM</TT
> is interrupted after having
      truncated the table.
     </P
></LI
><LI
><P
>      Fix possible crash due to integer overflow in hash table size
      calculation (Tom)
     </P
><P
>      This could occur with extremely large planner estimates for the size of
      a hashjoin's result.
     </P
></LI
><LI
><P
>      Fix very rare crash in <TT
CLASS="TYPE"
>inet</TT
>/<TT
CLASS="TYPE"
>cidr</TT
> comparisons (Chris
      Mikkelson)
     </P
></LI
><LI
><P
>      Fix PAM password processing to be more robust (Tom)
     </P
><P
>      The previous code is known to fail with the combination of the Linux
      <TT
CLASS="LITERAL"
>pam_krb5</TT
> PAM module with Microsoft Active Directory as the
      domain controller.  It might have problems elsewhere too, since it was
      making unjustified assumptions about what arguments the PAM stack would
      pass to it.
     </P
></LI
><LI
><P
>      Make the postmaster ignore any <TT
CLASS="LITERAL"
>application_name</TT
> parameter in
      connection request packets, to improve compatibility with future libpq
      versions (Tom)
     </P
></LI
></UL
></DIV
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="release-7-4-28.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="release-7-4-26.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Release 7.4.28</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="release.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Release 7.4.26</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>